Back to bug 2211322

Who When What Removed Added
Avinash Hanwate 2023-05-31 06:02:16 UTC CC security-response-team
Avinash Hanwate 2023-05-31 07:52:45 UTC Deadline 2023-06-14 2023-06-15
Avinash Hanwate 2023-05-31 09:23:59 UTC Group team ocp_embargoes
Avinash Hanwate 2023-06-15 05:36:34 UTC Summary EMBARGOED CVE-2023-2727 kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin CVE-2023-2727 kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin
CC dfreiber, jburrell, rogbas, vkumar
Deadline 2023-06-15
Fixed In Version kube-apiserver 1.27.3, kube-apiserver 1.26.6, kube-apiserver 1.25.11, kube-apiserver 1.24.15
Group qe_staff, team ocp_embargoes, security
Avinash Hanwate 2023-06-15 05:43:45 UTC Depends On 2215200, 2215202
Avinash Hanwate 2023-06-15 07:43:25 UTC Doc Text A security issue was discovered in Kubernetes where users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
RaTasha Tillery-Smith 2023-06-15 12:42:21 UTC Doc Text A security issue was discovered in Kubernetes where users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. A flaw was found in Kubernetes, where users may be able to launch containers using images restricted by the ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
Red Hat Bugzilla 2023-07-07 08:33:22 UTC CC security-response-team
Assignee security-response-team nobody
Doug Hellmann 2023-07-25 20:21:49 UTC CC dhellmann

Back to bug 2211322